11 files changed, 618 insertions, 20 deletions
|
diff --git a/freedom-maker/multistrap-configs/torouter-base.conf b/freedom-maker/multistrap-configs/torouter-base.conf
index 286c7e1..5e51646 100644
--- a/freedom-maker/multistrap-configs/torouter-base.conf
+++ b/freedom-maker/multistrap-configs/torouter-base.conf
@@ -6,7 +6,7 @@ debootstrap=Debian torproject torouter
 aptsources=Debian torproject torouter
 [Debian]
-packages=base-files netbase openssh-server zile wget iproute net-tools hostname module-init-tools wget resolvconf udev isc-dhcp-client ifupdown devio initramfs-tools uboot-mkimage parted dosfstools apt iputils-ping haveged python pandoc python-simplejson make dialog locales-all uaputl uapevent dnsmasq iptables vim-nox less screen lsof tcptraceroute traceroute mtr-tiny openntpd dnsmasq unbound python-augeas python-flask python-daemon cron iw python-setuptools  apt-utils dnsutils
+packages=base-files netbase openssh-server zile wget iproute net-tools hostname module-init-tools wget resolvconf udev isc-dhcp-client ifupdown devio initramfs-tools uboot-mkimage parted dosfstools apt iputils-ping haveged python pandoc python-simplejson make dialog locales-all uaputl uapevent dnsmasq iptables vim-nox less screen lsof tcptraceroute traceroute mtr-tiny openntpd dnsmasq python-augeas python-flask python-daemon cron iw python-setuptools  apt-utils dnsutils torsocks
 source=http://http.debian.net/debian/
 keyring=debian-archive-keyring
 suite=wheezy
diff --git a/packages/torouter-prep/configs/etc/default/dnsmasq b/packages/torouter-prep/configs/etc/default/dnsmasq
new file mode 100644
index 0000000..ddaa02b
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/default/dnsmasq
@@ -0,0 +1,2 @@
+
+ENABLED=0
diff --git a/packages/torouter-prep/configs/etc/dnsmasq.conf b/packages/torouter-prep/configs/etc/dnsmasq.conf
index 8e02834..806996e 100644
--- a/packages/torouter-prep/configs/etc/dnsmasq.conf
+++ b/packages/torouter-prep/configs/etc/dnsmasq.conf
@@ -15,7 +15,6 @@
 # Never forward addresses in the non-routed address spaces.
 #bogus-priv
-
 # Uncomment this to filter useless windows-originated DNS requests
 # which can trigger dial-on-demand links needlessly.
 # Note that (amongst other things) this blocks all SRV requests,
@@ -82,11 +81,11 @@ no-poll
 # specified interfaces (and the loopback) give the name of the
 # interface (eg eth0) here.
 # Repeat the line for more than one interface.
-interface=eth1
-interface=uap0
+#interface=eth1
+#interface=uap0
 # Or you can specify which interface _not_ to listen on
-except-interface=eth0
-except-interface=lo
+#except-interface=eth0
+#except-interface=lo
 # Or which to listen on by address (remember to include 127.0.0.1 if
 # you use this.)
 #listen-address=
@@ -102,7 +101,7 @@ except-interface=lo
 # want dnsmasq to really bind only the interfaces it is listening on,
 # uncomment this option. About the only time you may need this is when
 # running another nameserver on the same machine.
-bind-interfaces
+#bind-interfaces
 # If you don't want dnsmasq to read /etc/hosts, uncomment the
 # following line.
@@ -553,4 +552,4 @@ bind-interfaces
 # Include a another lot of configuration options.
 #conf-file=/etc/dnsmasq.more.conf
-conf-dir=/etc/dnsmasq.d
+#conf-dir=/etc/dnsmasq.d
diff --git a/packages/torouter-prep/configs/etc/dnsmasq.d/lan b/packages/torouter-prep/configs/etc/dnsmasq.d/lan
deleted file mode 100644
index 1430733..0000000
--- a/packages/torouter-prep/configs/etc/dnsmasq.d/lan
+++ /dev/null
@@ -1,2 +0,0 @@
-
-dhcp-range=10.23.42.10,10.23.42.254,255.255.255.0,12h
diff --git a/packages/torouter-prep/configs/etc/dnsmasq.d/wifi b/packages/torouter-prep/configs/etc/dnsmasq.d/wifi
deleted file mode 100644
index d1bdb72..0000000
--- a/packages/torouter-prep/configs/etc/dnsmasq.d/wifi
+++ /dev/null
@@ -1,2 +0,0 @@
-
-dhcp-range=172.16.23.10,172.16.23.254,255.255.255.0,12h
diff --git a/packages/torouter-prep/configs/etc/dnsmasq_lan.conf b/packages/torouter-prep/configs/etc/dnsmasq_lan.conf
new file mode 100644
index 0000000..1143401
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/dnsmasq_lan.conf
@@ -0,0 +1,6 @@
+
+no-poll
+bind-interfaces
+interface=eth1
+except-interface=lo
+dhcp-range=10.23.42.10,10.23.42.254,255.255.255.0,12h
diff --git a/packages/torouter-prep/configs/etc/dnsmasq_wifi.conf b/packages/torouter-prep/configs/etc/dnsmasq_wifi.conf
new file mode 100644
index 0000000..56c268e
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/dnsmasq_wifi.conf
@@ -0,0 +1,7 @@
+
+no-poll
+bind-interfaces
+except-interface=lo
+interface=uap0
+server=172.16.23.1#5353
+dhcp-range=172.16.23.10,172.16.23.254,255.255.255.0,12h
diff --git a/packages/torouter-prep/configs/etc/init.d/dnsmasq_lan b/packages/torouter-prep/configs/etc/init.d/dnsmasq_lan
new file mode 100755
index 0000000..22f2557
--- /dev/null
+++ b/packages/torouter-prep/configs/etc/init.d/dnsmasq_lan
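Review bot: In dnsmasq_wifi.conf the `server=172.16.23.1#5353` line adds an upstream but does not make it the only one, so the wifi instance can still forward client queries to whatever resolvers it reads from resolv.conf (the init script also passes `-r $RESOLV_CONF` when resolvconf is installed, and resolvconf is in the package list). For the Tor wireless network that is a DNS path that bypasses the configured forwarder unless the firewall script blocks it, and that script is not visible in this commit. Adding `no-resolv` to this file would pin the instance to the listed server. A one-line comment naming the service expected on 172.16.23.1 port 5353 would also help the next reader.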
@@ -0,0 +1,290 @@ +#!/bin/sh +### BEGIN INIT INFO +# Provides:       dnsmasq_lan +# Required-Start: $network $remote_fs $syslog +# Required-Stop:  $network $remote_fs $syslog +# Default-Start:  2 3 4 5 +# Default-Stop:   0 1 6 +# Description:    DHCP and DNS server +### END INIT INFO + +set +e   # Don't exit on error status + +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=/usr/sbin/dnsmasq +NAME=dnsmasq_lan +DESC="DNS forwarder and DHCP server" + +# Most configuration options in /etc/default/dnsmasq are deprecated +# but still honoured. +ENABLED=1 +if [ -r /etc/default/$NAME ]; then +	. /etc/default/$NAME +fi + +# Get the system locale, so that messages are in the correct language, and the  +# charset for IDN is correct +if [ -r /etc/default/locale ]; then +        . /etc/default/locale +        export LANG +fi + +test -x $DAEMON || exit 0 + +# Provide skeleton LSB log functions for backports which don't have LSB functions. +if [ -f /lib/lsb/init-functions ]; then +         . /lib/lsb/init-functions +else +         log_warning_msg () { +            echo "${@}." +         } + +         log_success_msg () { +            echo "${@}." +         } + +         log_daemon_msg () { +            echo -n "${1}: $2" +         } + +	 log_end_msg () { +            if [ $1 -eq 0 ]; then +              echo "." +            elif [ $1 -eq 255 ]; then +              /bin/echo -e " (warning)." +            else +              /bin/echo -e " failed!" +            fi +         } +fi + +# RESOLV_CONF: +# If the resolvconf package is installed then use the resolv conf file +# that it provides as the default.  Otherwise use /etc/resolv.conf as +# the default. +# +# If IGNORE_RESOLVCONF is set in /etc/default/dnsmasq or an explicit +# filename is set there then this inhibits the use of the resolvconf-provided +# information. 
+# +# Note that if the resolvconf package is installed it is not possible to  +# override it just by configuration in /etc/dnsmasq.conf, it is necessary +# to set IGNORE_RESOLVCONF=yes in /etc/default/dnsmasq. + +if [ ! "$RESOLV_CONF" ] && +   [ "$IGNORE_RESOLVCONF" != "yes" ] && +   [ -x /sbin/resolvconf ] +then +	RESOLV_CONF=/var/run/dnsmasq/resolv.conf +fi + +for INTERFACE in $DNSMASQ_INTERFACE; do +	DNSMASQ_INTERFACES="$DNSMASQ_INTERFACES -i $INTERFACE" +done + +for INTERFACE in $DNSMASQ_EXCEPT; do +	DNSMASQ_INTERFACES="$DNSMASQ_INTERFACES -I $INTERFACE" +done + +if [ ! "$DNSMASQ_USER" ]; then +   DNSMASQ_USER="dnsmasq" +fi + +start() +{ +        # Return +	#   0 if daemon has been started +	#   1 if daemon was already running +	#   2 if daemon could not be started + +        # /var/run may be volatile, so we need to ensure that +        # /var/run/dnsmasq exists here as well as in postinst +        if [ ! -d /var/run/dnsmasq ]; then +           mkdir /var/run/dnsmasq || return 2 +           chown dnsmasq:nogroup /var/run/dnsmasq || return 2 +        fi + +	start-stop-daemon --start --quiet --pidfile /var/run/dnsmasq/$NAME.pid --exec $DAEMON --test -- -C /etc/dnsmasq_lan.conf > /dev/null || return 1 +	start-stop-daemon --start --quiet --pidfile /var/run/dnsmasq/$NAME.pid --exec $DAEMON -- -C /etc/dnsmasq_lan.conf \ +		-x /var/run/dnsmasq/$NAME.pid \ +	        ${MAILHOSTNAME:+ -m $MAILHOSTNAME} \ +		${MAILTARGET:+ -t $MAILTARGET} \ +		${DNSMASQ_USER:+ -u $DNSMASQ_USER} \ +		${DNSMASQ_INTERFACES:+ $DNSMASQ_INTERFACES} \ +		${DHCP_LEASE:+ -l $DHCP_LEASE} \ +		${DOMAIN_SUFFIX:+ -s $DOMAIN_SUFFIX} \ +		${RESOLV_CONF:+ -r $RESOLV_CONF} \ +		${CACHESIZE:+ -c $CACHESIZE} \ +	        ${CONFIG_DIR:+ -7 $CONFIG_DIR} \ +		${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} \ +		|| return 2 +} + +start_resolvconf() +{ +# If interface "lo" is explicitly disabled in /etc/default/dnsmasq +# Then dnsmasq won't be providing local DNS, so don't add it to +# the resolvconf server set. 
+	for interface in $DNSMASQ_EXCEPT +	do +		[ $interface = lo ] && return +	done + +        if [ -x /sbin/resolvconf ] ; then +		echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.$NAME +	fi +	return 0 +} + +stop() +{ +	# Return +	#   0 if daemon has been stopped +	#   1 if daemon was already stopped +	#   2 if daemon could not be stopped +	#   other if a failure occurred +	start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile /var/run/dnsmasq/$NAME.pid +	RETVAL="$?" +	[ "$RETVAL" = 2 ] && return 2 +	return "$RETVAL" +} + +stop_resolvconf() +{ +	if [ -x /sbin/resolvconf ] ; then +		/sbin/resolvconf -d lo.$NAME +	fi +	return 0 +} + +status() +{ +	# Return +	#   0 if daemon is running +	#   1 if daemon is dead and pid file exists +	#   3 if daemon is not running +	#   4 if daemon status is unknown +	start-stop-daemon --start --quiet --pidfile /var/run/dnsmasq/$NAME.pid --exec $DAEMON --test > /dev/null +	case "$?" in +		0) [ -e "/var/run/dnsmasq/$NAME.pid" ] && return 1 ; return 3 ;; +		1) return 0 ;; +		*) return 4 ;; +	esac +} + +case "$1" in +  start) +	test "$ENABLED" != "0" || exit 0 +	log_daemon_msg "Starting $DESC" "$NAME" +	start +	case "$?" in +		0) +			log_end_msg 0 +			start_resolvconf +			exit 0 +			;; +		1) +			log_success_msg "(already running)" +			exit 0 +			;; +		*) +			log_end_msg 1 +			exit 1 +			;; +	esac +	;; +  stop) +	stop_resolvconf +	if [ "$ENABLED" != "0" ]; then +             log_daemon_msg "Stopping $DESC" "$NAME" +	fi +	stop +        RETVAL="$?" +	if [ "$ENABLED" = "0" ]; then +	    case "$RETVAL" in +	       0) log_daemon_msg "Stopping $DESC" "$NAME"; log_end_msg 0 ;; +            esac  +	    exit 0 +	fi +	case "$RETVAL" in +		0) log_end_msg 0 ; exit 0 ;; +		1) log_warning_msg "(not running)" ; exit 0 ;; +		*) log_end_msg 1; exit 1 ;; +	esac +	;; +  restart|force-reload) +	test "$ENABLED" != "0" || exit 1 +	$DAEMON --test ${CONFIG_DIR:+ -7 $CONFIG_DIR} ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} >/dev/null 2>&1 +	if [ $? 
-ne 0 ]; then +	    NAME="configuration syntax check" +	    RETVAL="2" +	else    +	    stop_resolvconf +	    stop +	    RETVAL="$?" +        fi +	log_daemon_msg "Restarting $DESC" "$NAME" +	case "$RETVAL" in +		0|1) +		        sleep 2 +			start +			case "$?" in +				0) +					log_end_msg 0 +					start_resolvconf +					exit 0 +					;; +			        *) +					log_end_msg 1 +					exit 1 +					;; +			esac +			;; +		*) +			log_end_msg 1 +			exit 1 +			;; +	esac +	;; +  status) +	log_daemon_msg "Checking $DESC" "$NAME" +	status +	case "$?" in +		0) log_success_msg "(running)" ; exit 0 ;; +		1) log_success_msg "(dead, pid file exists)" ; exit 1 ;; +		3) log_success_msg "(not running)" ; exit 3 ;; +		*) log_success_msg "(unknown)" ; exit 4 ;; +	esac +	;; +  dump-stats) +        kill -s USR1 `cat /var/run/dnsmasq/$NAME.pid` +	;; +  systemd-start-resolvconf) +	start_resolvconf +	;; +  systemd-stop-resolvconf) +	stop_resolvconf +	;; +  systemd-exec) +#  --pid-file without argument disables writing a PIDfile, we don't need one with sytemd. +# Enable DBus by default because we use DBus activation with systemd. +	exec $DAEMON --keep-in-foreground --pid-file --enable-dbus \ +	    ${MAILHOSTNAME:+ -m $MAILHOSTNAME} \ +	    ${MAILTARGET:+ -t $MAILTARGET} \ +	    ${DNSMASQ_USER:+ -u $DNSMASQ_USER} \ +	    ${DNSMASQ_INTERFACES:+ $DNSMASQ_INTERFACES} \ +	    ${DHCP_LEASE:+ -l $DHCP_LEASE} \ +	    ${DOMAIN_SUFFIX:+ -s $DOMAIN_SUFFIX} \ +	    ${RESOLV_CONF:+ -r $RESOLV_CONF} \ +	    ${CACHESIZE:+ -c $CACHESIZE} \ +	    ${CONFIG_DIR:+ -7 $CONFIG_DIR} \ +	    ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS}  +	;; +  *) +	echo "Usage: /etc/init.d/$NAME {start|stop|restart|force-reload|dump-stats|status}" >&2 +	exit 3 +	;; +esac + +exit 0 + diff --git a/packages/torouter-prep/configs/etc/init.d/dnsmasq_wifi b/packages/torouter-prep/configs/etc/init.d/dnsmasq_wifi new file mode 100755 index 0000000..dfd103c --- /dev/null +++ b/packages/torouter-prep/configs/etc/init.d/dnsmasq_wifi 
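Review bot: The `restart|force-reload` branch validates the wrong file: `$DAEMON --test ${CONFIG_DIR:+ -7 $CONFIG_DIR} ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS}` carries no `-C`, so it checks the default /etc/dnsmasq.conf (which this commit leaves almost entirely commented out) rather than /etc/dnsmasq_lan.conf. A broken per-interface config therefore passes the check and is only discovered after the running daemon has been stopped, leaving the LAN without DHCP and DNS. Use `$DAEMON --test -C /etc/dnsmasq_lan.conf ${CONFIG_DIR:+ -7 $CONFIG_DIR} ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} >/dev/null 2>&1`. The `systemd-exec` branch has the same omission and would start an instance with the default config. init.d/dnsmasq_wifi repeats both lines and needs the same change with /etc/dnsmasq_wifi.conf.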
@@ -0,0 +1,290 @@ +#!/bin/sh +### BEGIN INIT INFO +# Provides:       dnsmasq_wifi +# Required-Start: $network $remote_fs $syslog +# Required-Stop:  $network $remote_fs $syslog +# Default-Start:  2 3 4 5 +# Default-Stop:   0 1 6 +# Description:    DHCP and DNS server +### END INIT INFO + +set +e   # Don't exit on error status + +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=/usr/sbin/dnsmasq +NAME=dnsmasq_wifi +DESC="DNS forwarder and DHCP server" + +# Most configuration options in /etc/default/dnsmasq are deprecated +# but still honoured. +ENABLED=1 +if [ -r /etc/default/$NAME ]; then +	. /etc/default/$NAME +fi + +# Get the system locale, so that messages are in the correct language, and the  +# charset for IDN is correct +if [ -r /etc/default/locale ]; then +        . /etc/default/locale +        export LANG +fi + +test -x $DAEMON || exit 0 + +# Provide skeleton LSB log functions for backports which don't have LSB functions. +if [ -f /lib/lsb/init-functions ]; then +         . /lib/lsb/init-functions +else +         log_warning_msg () { +            echo "${@}." +         } + +         log_success_msg () { +            echo "${@}." +         } + +         log_daemon_msg () { +            echo -n "${1}: $2" +         } + +	 log_end_msg () { +            if [ $1 -eq 0 ]; then +              echo "." +            elif [ $1 -eq 255 ]; then +              /bin/echo -e " (warning)." +            else +              /bin/echo -e " failed!" +            fi +         } +fi + +# RESOLV_CONF: +# If the resolvconf package is installed then use the resolv conf file +# that it provides as the default.  Otherwise use /etc/resolv.conf as +# the default. +# +# If IGNORE_RESOLVCONF is set in /etc/default/dnsmasq or an explicit +# filename is set there then this inhibits the use of the resolvconf-provided +# information. 
+# +# Note that if the resolvconf package is installed it is not possible to  +# override it just by configuration in /etc/dnsmasq.conf, it is necessary +# to set IGNORE_RESOLVCONF=yes in /etc/default/dnsmasq. + +if [ ! "$RESOLV_CONF" ] && +   [ "$IGNORE_RESOLVCONF" != "yes" ] && +   [ -x /sbin/resolvconf ] +then +	RESOLV_CONF=/var/run/dnsmasq/resolv.conf +fi + +for INTERFACE in $DNSMASQ_INTERFACE; do +	DNSMASQ_INTERFACES="$DNSMASQ_INTERFACES -i $INTERFACE" +done + +for INTERFACE in $DNSMASQ_EXCEPT; do +	DNSMASQ_INTERFACES="$DNSMASQ_INTERFACES -I $INTERFACE" +done + +if [ ! "$DNSMASQ_USER" ]; then +   DNSMASQ_USER="dnsmasq" +fi + +start() +{ +        # Return +	#   0 if daemon has been started +	#   1 if daemon was already running +	#   2 if daemon could not be started + +        # /var/run may be volatile, so we need to ensure that +        # /var/run/dnsmasq exists here as well as in postinst +        if [ ! -d /var/run/dnsmasq ]; then +           mkdir /var/run/dnsmasq || return 2 +           chown dnsmasq:nogroup /var/run/dnsmasq || return 2 +        fi + +	start-stop-daemon --start --quiet --pidfile /var/run/dnsmasq/$NAME.pid --exec $DAEMON --test -- -C /etc/dnsmasq_wifi.conf > /dev/null || return 1 +	start-stop-daemon --start --quiet --pidfile /var/run/dnsmasq/$NAME.pid --exec $DAEMON -- -C /etc/dnsmasq_wifi.conf \ +		-x /var/run/dnsmasq/$NAME.pid \ +	        ${MAILHOSTNAME:+ -m $MAILHOSTNAME} \ +		${MAILTARGET:+ -t $MAILTARGET} \ +		${DNSMASQ_USER:+ -u $DNSMASQ_USER} \ +		${DNSMASQ_INTERFACES:+ $DNSMASQ_INTERFACES} \ +		${DHCP_LEASE:+ -l $DHCP_LEASE} \ +		${DOMAIN_SUFFIX:+ -s $DOMAIN_SUFFIX} \ +		${RESOLV_CONF:+ -r $RESOLV_CONF} \ +		${CACHESIZE:+ -c $CACHESIZE} \ +	        ${CONFIG_DIR:+ -7 $CONFIG_DIR} \ +		${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} \ +		|| return 2 +} + +start_resolvconf() +{ +# If interface "lo" is explicitly disabled in /etc/default/dnsmasq +# Then dnsmasq won't be providing local DNS, so don't add it to +# the resolvconf server set. 
+	for interface in $DNSMASQ_EXCEPT +	do +		[ $interface = lo ] && return +	done + +        if [ -x /sbin/resolvconf ] ; then +		echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.$NAME +	fi +	return 0 +} + +stop() +{ +	# Return +	#   0 if daemon has been stopped +	#   1 if daemon was already stopped +	#   2 if daemon could not be stopped +	#   other if a failure occurred +	start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile /var/run/dnsmasq/$NAME.pid +	RETVAL="$?" +	[ "$RETVAL" = 2 ] && return 2 +	return "$RETVAL" +} + +stop_resolvconf() +{ +	if [ -x /sbin/resolvconf ] ; then +		/sbin/resolvconf -d lo.$NAME +	fi +	return 0 +} + +status() +{ +	# Return +	#   0 if daemon is running +	#   1 if daemon is dead and pid file exists +	#   3 if daemon is not running +	#   4 if daemon status is unknown +	start-stop-daemon --start --quiet --pidfile /var/run/dnsmasq/$NAME.pid --exec $DAEMON --test > /dev/null +	case "$?" in +		0) [ -e "/var/run/dnsmasq/$NAME.pid" ] && return 1 ; return 3 ;; +		1) return 0 ;; +		*) return 4 ;; +	esac +} + +case "$1" in +  start) +	test "$ENABLED" != "0" || exit 0 +	log_daemon_msg "Starting $DESC" "$NAME" +	start +	case "$?" in +		0) +			log_end_msg 0 +			start_resolvconf +			exit 0 +			;; +		1) +			log_success_msg "(already running)" +			exit 0 +			;; +		*) +			log_end_msg 1 +			exit 1 +			;; +	esac +	;; +  stop) +	stop_resolvconf +	if [ "$ENABLED" != "0" ]; then +             log_daemon_msg "Stopping $DESC" "$NAME" +	fi +	stop +        RETVAL="$?" +	if [ "$ENABLED" = "0" ]; then +	    case "$RETVAL" in +	       0) log_daemon_msg "Stopping $DESC" "$NAME"; log_end_msg 0 ;; +            esac  +	    exit 0 +	fi +	case "$RETVAL" in +		0) log_end_msg 0 ; exit 0 ;; +		1) log_warning_msg "(not running)" ; exit 0 ;; +		*) log_end_msg 1; exit 1 ;; +	esac +	;; +  restart|force-reload) +	test "$ENABLED" != "0" || exit 1 +	$DAEMON --test ${CONFIG_DIR:+ -7 $CONFIG_DIR} ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS} >/dev/null 2>&1 +	if [ $? 
-ne 0 ]; then +	    NAME="configuration syntax check" +	    RETVAL="2" +	else    +	    stop_resolvconf +	    stop +	    RETVAL="$?" +        fi +	log_daemon_msg "Restarting $DESC" "$NAME" +	case "$RETVAL" in +		0|1) +		        sleep 2 +			start +			case "$?" in +				0) +					log_end_msg 0 +					start_resolvconf +					exit 0 +					;; +			        *) +					log_end_msg 1 +					exit 1 +					;; +			esac +			;; +		*) +			log_end_msg 1 +			exit 1 +			;; +	esac +	;; +  status) +	log_daemon_msg "Checking $DESC" "$NAME" +	status +	case "$?" in +		0) log_success_msg "(running)" ; exit 0 ;; +		1) log_success_msg "(dead, pid file exists)" ; exit 1 ;; +		3) log_success_msg "(not running)" ; exit 3 ;; +		*) log_success_msg "(unknown)" ; exit 4 ;; +	esac +	;; +  dump-stats) +        kill -s USR1 `cat /var/run/dnsmasq/$NAME.pid` +	;; +  systemd-start-resolvconf) +	start_resolvconf +	;; +  systemd-stop-resolvconf) +	stop_resolvconf +	;; +  systemd-exec) +#  --pid-file without argument disables writing a PIDfile, we don't need one with sytemd. +# Enable DBus by default because we use DBus activation with systemd. +	exec $DAEMON --keep-in-foreground --pid-file --enable-dbus \ +	    ${MAILHOSTNAME:+ -m $MAILHOSTNAME} \ +	    ${MAILTARGET:+ -t $MAILTARGET} \ +	    ${DNSMASQ_USER:+ -u $DNSMASQ_USER} \ +	    ${DNSMASQ_INTERFACES:+ $DNSMASQ_INTERFACES} \ +	    ${DHCP_LEASE:+ -l $DHCP_LEASE} \ +	    ${DOMAIN_SUFFIX:+ -s $DOMAIN_SUFFIX} \ +	    ${RESOLV_CONF:+ -r $RESOLV_CONF} \ +	    ${CACHESIZE:+ -c $CACHESIZE} \ +	    ${CONFIG_DIR:+ -7 $CONFIG_DIR} \ +	    ${DNSMASQ_OPTS:+ $DNSMASQ_OPTS}  +	;; +  *) +	echo "Usage: /etc/init.d/$NAME {start|stop|restart|force-reload|dump-stats|status}" >&2 +	exit 3 +	;; +esac + +exit 0 + diff --git a/packages/torouter-prep/configs/etc/network/interfaces b/packages/torouter-prep/configs/etc/network/interfaces index 036eb4d..34b2f35 100644 --- a/packages/torouter-prep/configs/etc/network/interfaces +++ b/packages/torouter-prep/configs/etc/network/interfaces 
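Review bot: `start_resolvconf` registers `nameserver 127.0.0.1` with resolvconf, but /etc/dnsmasq_wifi.conf sets `bind-interfaces`, `interface=uap0` and `except-interface=lo`, so this instance does not answer on loopback. The guard loop only reads `$DNSMASQ_EXCEPT`, which comes from /etc/default/$NAME and is not set by anything in this commit, so the exclusion made in the conf file is never seen. If nothing else serves port 53 on 127.0.0.1, the router's own lookups will time out or fall through to the next resolver; setting `DNSMASQ_EXCEPT=lo` in /etc/default/dnsmasq_wifi, or dropping the `start_resolvconf` calls for the per-interface instances, avoids that. The header comments also still name /etc/default/dnsmasq although the script sources /etc/default/$NAME. init.d/dnsmasq_lan has the same function and the same issue.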
@@ -8,7 +8,6 @@ iface lo inet loopback
 # The primary network interface
 auto eth0
 iface eth0 inet dhcp
-	post-up ifup uap0
 	post-down ifdown uap0
 auto eth1
@@ -17,10 +16,12 @@ iface eth1 inet static
 	netmask 255.255.255.0
 	network 10.23.42.0
 	broadcast 10.23.42.255
+    pre-up ip addr del 10.23.42.1/24 dev eth1 || true
 	post-up echo 1 > /proc/sys/net/ipv4/ip_forward
+	post-up /etc/init.d/dnsmasq_lan start
 	# this must happen after have brought up uap0 because it clears the nat tables
 	post-up iptables -t nat -A POSTROUTING -s 10.23.42.0/24 -o eth0 -j MASQUERADE
-	post-up /etc/init.d/dnsmasq restart
+	pre-down /etc/init.d/dnsmasq_lan stop
 # The magic Tor wireless network
 auto uap0
@@ -30,10 +31,14 @@ iface uap0 inet static
 	network 172.16.23.0
 	broadcast 172.16.23.255
 	pre-up ifconfig uap0 hw ether 00:66:66:66:66:66
-	post-up /etc/init.d/tor reload
-	post-up /etc/init.d/dnsmasq restart
+    pre-up ip addr del 172.16.23.1/24 dev uap0 || true
+	post-up /etc/init.d/tor start
+    post-up /etc/init.d/tor reload
+	post-up /etc/init.d/dnsmasq_wifi start
 	post-up /etc/init.d/ttdnsd restart
 	post-up /usr/bin/uaputl sys_cfg_ssid "torproject" || true
 	post-up /usr/bin/uaputl bss_start || true
 	post-up /usr/sbin/tor-wireless-firewall.sh || true
+    post-up /sbin/iptables -t nat -A OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-ports 9040 
 	pre-down /usr/bin/uaputl bss_stop || true
+	pre-down /etc/init.d/dnsmasq_wifi stop
diff --git a/packages/torouter-prep/src/torouter_preboot.sh b/packages/torouter-prep/src/torouter_preboot.sh
index 18703a5..70c08aa 100755
--- a/packages/torouter-prep/src/torouter_preboot.sh
+++ b/packages/torouter-prep/src/torouter_preboot.sh
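Review bot: In the uap0 stanza the added `post-up /sbin/iptables -t nat -A OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-ports 9040` appends a rule on every `ifup uap0` and no `pre-down` or `post-down` line removes it, so cycling the interface stacks duplicate rules unless tor-wireless-firewall.sh flushes the nat OUTPUT chain (that script is not shown here). Add a matching `post-down /sbin/iptables -t nat -D OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-ports 9040 || true`. The rule also depends on running after the firewall script, which the existing eth1 comment says clears the nat tables; a comment on the new line stating that ordering would keep it from being moved. The new `pre-up` and `post-up` lines are indented with four spaces while the rest of each stanza uses a tab, and `tor start` directly followed by `tor reload` needs a comment saying why both are run.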
@@ -34,10 +34,13 @@ install -o root -g root -m 600 $config_dir/etc/network/interfaces /etc/network/i
 # Configure dnsmasq
 install -o root -g root -m 600 $config_dir/etc/dnsmasq.conf /etc/dnsmasq.conf
-mkdir -p /etc/dnsmasq.d
-chown root:root /etc/dnsmasq.d
-install -o root -g root -m 600 $config_dir/etc/dnsmasq.d/lan /etc/dnsmasq.d/lan
-install -o root -g root -m 600 $config_dir/etc/dnsmasq.d/wifi /etc/dnsmasq.d/wifi
+install -o root -g root -m 600 $config_dir/etc/dnsmasq_lan.conf /etc/dnsmasq_lan.conf
+install -o root -g root -m 600 $config_dir/etc/dnsmasq_wifi.conf /etc/dnsmasq_wifi.conf
+
+# new dns scheme
+install -o root -g root -m 600 $config_dir/etc/default/dnsmasq /etc/default/dnsmasq
+install -o root -g root -m 750 $config_dir/etc/init.d/dnsmasq_lan /etc/init.d/dnsmasq_lan
+install -o root -g root -m 750 $config_dir/etc/init.d/dnsmasq_wifi /etc/init.d/dnsmasq_wifi
 # Configure ntp
 install -o root -g root -m 600 $config_dir/etc/ntp.conf /etc/ntp.conf |
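Review bot: The `# new dns scheme` comment does not say what the scheme is. Something like `# Disable the stock dnsmasq service (ENABLED=0 in /etc/default/dnsmasq) and install one init script per interface; they are started from /etc/network/interfaces` would let a reader follow the three installs without opening the other files. The files earlier versions installed as /etc/dnsmasq.d/lan and /etc/dnsmasq.d/wifi are no longer written but are also not removed on a device that was already provisioned; they stay inert only while `conf-dir` remains commented out in dnsmasq.conf, so an explicit `rm -f /etc/dnsmasq.d/lan /etc/dnsmasq.d/wifi` would make that independent of the other file. The hunk sits in the middle of the script and the rest of it is not visible here.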
